Chapter 9 Flashcards

(15 cards)

1
Q
  1. What is one way of checking emails for virus infections?
    A. Block all emails with attachments.
    B. Block all active attachments (for example, Active, scripting).
    C. Look for subject lines that are from known virus attacks.
    D. Look for emails from known virus sources.
A

C. Look for subject lines that are from known virus attacks.

1
Q
  1. Which of the following is the most common way for a virus scanner to recognize a virus?
    A. To compare a file to known virus attributes
    B. To use complex rules to look for virus-like behavior
    C. To look for only TSR programs
    D. To look for TSR programs or programs that alter the Registry
A

A. To compare a file to known virus attributes

2
Q
  1. What are TSR programs?
    A. Terminal signal registry programs, which alter the system Registry
    B. Terminate and system remove programs, which erase themselves when complete
    C. Terminate and scan remote programs, which scan remote systems prior to terminating
    D. Terminate and stay resident programs, which stay in memory after you shut them down
A

D. Terminate and stay resident programs, which stay in memory after you shut them down

3
Q
  1. What is the name for scanning that depends on complex rules to define what is and is not a virus?
    A. Rules-based scanning (RBS)
    B. Heuristic scanning
    C. TSR scanning
    D. Logic-based scanning (LBS)
A

B. Heuristic scanning

4
Q
  1. Which of the following is not one of the basic types of firewalls?
    A. Screening firewall
    B. Application gateway
    C. Heuristic firewall
    D. Circuit-level gateway
A

C. Heuristic firewall

5
Q
  1. Which of the following is the most basic type of firewall?
    A. Screening firewall
    B. Application gateway
    C. Heuristic firewall
    D. Circuit-level gateway
A

A. Screening firewall

6
Q
  1. George is responsible for security on a midsized network. He has more than two dozen systems that generate logs. What technology would be most helpful for him in analyzing these logs?
    A. SIEM
    B. IDS/IPS
    C. NGFW
    D. PKI
A

A. SIEM

7
Q
  1. What does SPI stand for?
    A. Stateful packet inspection
    B. System packet inspection
    C. Stateful packet interception
    D. System packet interception
A

A. Stateful packet inspection

8
Q
  1. What is the term for a firewall that is software installed on an existing server?
    A. Network host-based firewall
    B. Dual-homed firewall
    C. Router-based firewall
    D. Screened host
A

D. Screened host

9
Q
  1. What is a major weakness with a network host-based firewall?
    A. Its security depends on the underlying operating system.
    B. It is difficult to configure.
    C. It can be easily hacked.
    D. It is very expensive.
A

A. Its security depends on the underlying operating system.

10
Q
  1. What is the term for blocking an IP address that has been the source of suspicious activity?
    A. Preemptive blocking
    B. Intrusion deflection
    C. Proactive deflection
    D. Intrusion blocking
A

A. Preemptive blocking

11
Q
  1. What is the term for a fake system designed to lure intruders?
    A. Honey pot
    B. Faux system
    C. Deflection system
    D. Entrapment
A

A. Honey pot

12
Q
  1. Which of the following is the correct term for making a system less attractive to intruders?
    A. Intrusion deterrence
    B. Intrusion deflection
    C. Intrusion camouflage
    D. Intrusion avoidance
A

A. Intrusion deterrence

12
Q
  1. What method do most IDS software implementations use?
    A. Anomaly detection
    B. Preemptive blocking
    C. Intrusion deterrence
    D. Infiltration
A

A. Anomaly detection

13
Q
  1. How do most antispyware packages work?
    A. By using heuristic methods
    B. By looking for known spyware
    C. The same way antivirus scanners work
    D. By seeking out TSR cookies
A

B. By looking for known spyware
